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import java.util.*; 

import java.io.*; 

import javax. servlet , 

import javax. servlet .http. *; 



public class TraditionalDemo extends HttpServlet { 
private Vector mCookies = new Vector (); 
private Hashtable mUsers = new Hashtable(); 
public void service (HttpServletRequest req, HttpServietResponse res) 
throws ServletException, lOException { 
try { 

// 

// check for sign-in 
// 

String cmd = req. getParameter { "Command" ) ; 
if (cmd 1= null && cmd. equals ( "Signin" ) ) { 

String username = req. getParameter ( "Username" ) ; 

String password = req. getParameter ( "Password" ) ; 

if (username null) { showError (req, res , "Username not 

else if (password == null) { showError (req, res, "Password 
else { 

// this application sign-in approach has the 

// that the user database and access control are 

// this particular application and therefore not 

// when there are a lot of applications 
Buf feredReader br new Buff eredReader (new 



specified. " ) ; } 
not specified.") 

disadvantage 
specific to 
easy to manage 



FileReader ("UserDB") ) 



= ' ) continue; 



boolean done false; 
String line; 
int i; 

while ( (line=br . readliine 0 ) [= null) { 
line = line.trimO; 

if ( line. equals ("") M line . charAt (0) -= 

i = line. indexOf ( ) ; 
if (i == -1) continue; 

if (username . equals (line . substring (0, i) ) ) { 
// user database without password 



encryption to 

(password. equals (line . substring (i+1) ) ) { 

(mUsers . containsKey (username) ) { 
1; i >- 0; i~) { 



// simplify this demonstration 
if 

// authentication successful 

String cookie; 

if 

// remove all cookie 

for (i = mCookies . size { ) - 
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(String) mCookies . eiementAt (i) ; 

(username. equals (cookie . substring ( 0, cookie . indexOf { 
mCookies. removeElementAt (i) ; 



cookie - 
if 



break; 



} 



} 



username+", "-fgetRandomId ( ) ; 

( imCookies . contains (cookie) ) break; 

( !mUsers.containsKey (username) ) { 
Hashtable ( ) ; 

initialization of user values 
Cookie ("Session", cookie) ; 



} 

/ / send session cookie 
while (true) { 
cookie = 

if 



mCookies. addEleinent (cookie) ; 
if 

Hashtable h = new 

// non object-oriented 

h, put ("Balance", "0") ; 
luUsers .put (username, h) ; 



} 

Cookie c = new 



c.setPath{req.getServletPath() ) ; 
res.addCookie(c) ; 
String url = 

"http : //"+req, getServerName ( ) +" : "+req. getServerPort ( ) +req. getServletPath { ) ; 

String querystr = 

req. getQueryString ( ) ; 



!querystr.equals{"") ) url += "?"+querystr; 
1) ?"?":"&") +"Session="+getRandomId( ) ; 



if (querystr != null && 
url += ( (url.indexOf ( ' )==- 
// this is done so that Netscape 



will not complain that response contains no data. 

res . setStatus (HttpServletResponse, SC_MOVED_TEMPORARILY) ; 

res . setHeader ( "Location" , url ) ; 
} else { 

showError (req, res, "Password not 



valid. ") ; 



} 



} 

break; 



not valid. ") ; } 



} 

if (line == null) { showError (req, res, "Username 
br. close ( ) ; 



} 

return; 
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// 

// get cookie 
// 

Cookie cookies [] = req . getCookies () ; 
String cookie = null; 
if (cookies != null) { 

for (int i = 0; i < cookies . length; i++) { 

if (cookies [i] , getName { ) . equals ( "Session") ) { 
cookie = cookies [ i] . getValue () ; 
break; 

} 

} 

} 

if (cookie != null ! mCookies . contains ( cookie ) ) cookie ^ 

null ; 

// 

// show sign-in 
// 

if (cookie null) { 

res. setContentType ("text /html") ; 

PrintWriter pw = res . getWriter ( ) ; 

pw . print In ( "<html><body><cent er> " 
+"<h2>Sign-In</h2>" 
+"<form method=post 
action="+req. getServletPath ( ) +">" 

•f"<input type=hidden name ^Command value=SignIn>" 
+"<table><tr><td>Username : </td>" 
+"<td><input type=text name =User name 

size=30></td>" 

+"</tr><tr><td>Password: </td>" 
+"<td><input type=password name=Password 

si2e=30></td>" 

+"</tr></table>" 

+"<input type=submit value=*OK'>" 
+"</form>" 

+"</center></body></html>") ; 
return; 

} 

// 

// do account 
// 

// get user hashtable which is used to keep all 

information/ values 

// related to a particular user 

// this approach is weak because the hashtable is not really 

an 

// object-oriented representation of the user and there is no 
// type-checking for the values stored in the hashtable 
Hashtable user = 
(Hashtable)mUsers.get(cookie.substring(0,cookie,indexOf (' .'))); 

String balance == (String) user , get ( "Balance" ) ; 
if (cmd == null) { 

showForm(req, res ^balance) ; 
} else if (cmd. equals ("Deposit") ) { 

String value ^ req. getParameter ( "Value" ) ; 

balance = 

String. valueOf ( Integer - parseint (balance) ^Integer . parseint (value) ) ; 
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user .put ( "Balance" , balance) ; 

showForm (req, res, balance) ; 
} else if {cmd . equals { "Withdraw" ) ) { 

String value = req. get Parameter { "Value" ) ; 

balance = String . valueOf (Integer . parselnt (balance) 
Integer . parseint (value) ) ; 

user. put ("Balance", balance) ; 

showForm (req, res , balance ) ; 
} else { 

showForm (req, res, balance) ; 

} 

} catch (Exception e) { 

e . printStackTrace ( ) ; 

} 

} 

private static final void showForm ( HttpServletRequest 
req, HttpServletResponse res, 

String balance) throws Exception { 
res . setContentType ("text /html") ; 
PrintWriter pw = res . getWriter ( ) ; 
pw , println ( "<htinl><body><center>" 
+ "<h2>Account< /h2> " 
+"<table>" 

+"<tr><td>Balance : </td>" 

+"<td>"+balance+"</td>" 

+"<td> </td></tr>" 

+ "<form niethod=get action=="+req. getServletPath { ) +">" 
+"<input type=hidden name^Command value=Deposit>" 
+"<tr><td>Deposit : </td>" 

+"<td><input type^text name=Value size=30></td>" 
+"<td><input type=submit value= ' OK* ></td></tr>" 
-f "</form>" 

+"<form niethod=get action="+req, getServletPath ( ) +">" 
+"<input type=hidden name=Cominand value==Withdraw>" 
+ " < t rxt d>Wi thdraw : < / td> " 

+"<td><input type=text name=Value size=30></td>" 
+"<td><input type=subinit value=' OK' ></td></tr>" 
+"</form>" 
+"</table>" 

+"</center></body></html>"> ; 

} 

private static final String getRandomId() { 

// value range from 0 to 2147483648 inclusive 

Random r = new Random ( (new Date () ) ,getTime{) ) ; 

int rint = r.nextlntO; 

rint - (rint < 0) ? -l*rint : rint; 

return String. valueOf (rint) ; 

} 

private static final void showError (HttpServletRequest 
req, HttpServletResponse res. 

String message) throws Exception { 
res . setContentType ( "text /html" ) ; 
PrintWriter pw =^ res , getWriter () / 
pw, println ("<html><body><cent€r>" 
+"<h2>Error</h2>" 
+ " <p> "+message+ " < /p> " 

+"<form method=get action="+req. getServletPath () +">" 
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"<input type=submxt value^'OK'>" 
"</form>" 

"</center></body></html>") ; 
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import java.io.*; 
import javax . servlet , * ; 
import javax , servlet . http. *; 



public class InventionDemo extends HttpServlet { 
private int balance; 

// there is type-checking for application values such as balance 

public void service (HttpServletRequest req, HttpServletResponse res) 
throws ServletException^ lOException { 
try { 

// 

//do not need to check for sign-in 
// 

//a central user database can be maintained for all 

applications 

// 

// system administration can assign access control in a 

flexible manner 

// 

// do not need to get cookie 
// 

//do not need to show sign-in 
// 

// do not need to get user hashtable or session object 
// which is used to keep all information/values 
// related to a particular user 
// 

// this object is an object-oriented representation of this 

application 

// and there is type-checking for the values stored such as 

balance 

// 

// go straight to do account 
// 

String cmd = req. get Parameter ("Command") ; 
if (cmd null) { 

showFonri( req, res ^balance) ; 
} else if (cmd. equals ("Deposit") ) { 

String value = req. getParameter ( "Value") ; 

balance Integer .parseint (value) ; 

showForm(req, res, balance) ; 
} else if (cmd. equals ( "Withdraw") ) { 

String value = req. getParameter ( "Value" ) ; 

balance -= Integer .parseint (value) ; 

showForm (req, res, balance) ; 
} else { 

showForm (req, res, balance) ; 

} 

} catch (Exception e) { 

e . pr intStackTrace { ) ; 

} 

} 

private static final void showForm (HttpServletRequest 
req, HttpServletResponse res. 
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int balance) throws Exception ( 
res . setContentType ("text/html" ) ; 
PrintWriter pw = res . getWriter ( ) ; 
pw, println ( "<html><body><center>" 

+ " <h2 >Account < /h2 > " 

+"<table>" 

+"<tr><td>Balance : </td>" 

+"<td>"+balance+"</td>" 

4-"<td> </td></tr>" 

+ "<foria inethod=get action=" + req . getServlet Path { ) + 
+ "<input type=hidden name=Command value==Deposit>" 
+"<tr><td>Deposit : </td>" 

+ "<td><input type=text naine=Value size=30></td>" 
+"<td><input type=submit vaiue= ' OK^ ></td></tr>" 
+"</form>" 

+"<form method=get action="+req. getServletPath { ) + 
+ "<input type=hidden naine=Command vaiue==Withdraw> 
+"<tr><td>Withdraw: </td>" 

+ "<td><input type=text naine=-Value size=30></td>" 
+ "<td><input type=submit value= * OK' ></td></tr>" 
+ "</forni>" 
+"</table>" 

+"</center></body></html>") ; 
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